﻿using Microsoft.Extensions.Options;
using Microsoft.IdentityModel.Tokens;
using OnWork.Admin.Util.Configs;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;

namespace OnWork.Admin.Base
{
    /// <summary>
    /// Jwt帮助类
    /// </summary>
    public class JwtHelper : ISingleton
    {
        private readonly JwtConfiguration _jwtConfig;

        /// <summary>
        /// 构造函数
        /// </summary>
        /// <param name="options"></param>
        public JwtHelper(IOptions<JwtConfiguration> options)
        {
            _jwtConfig = options.Value;
        }

        /// <summary>
        /// 创建koken
        /// </summary>
        /// <returns></returns>
        public string CreateToken()
        {
            // 1. 定义需要使用到的Claims
            var claims = new[]
            {
            new Claim(ClaimTypes.Name, "u_admin"), //HttpContext.User.Identity.Name
            new Claim(ClaimTypes.Role, "r_admin"), //HttpContext.User.IsInRole("r_admin")
            new Claim(JwtRegisteredClaimNames.Jti, "admin"),
            new Claim("Username", "Admin"),
            new Claim("Name", "超级管理员")
        };

            // 2. 从 appsettings.json 中读取SecretKey
            var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtConfig.SecretKey));

            // 3. 选择加密算法
            var algorithm = SecurityAlgorithms.HmacSha256;

            // 4. 生成Credentials
            var signingCredentials = new SigningCredentials(secretKey, algorithm);

            // 5. 根据以上，生成token

            var jwtSecurityToken = new JwtSecurityToken(
                _jwtConfig.Issuer,     //Issuer
                _jwtConfig.Audience,   //Audience
                claims,                          //Claims,
                DateTime.Now,                    //notBefore
                DateTime.Now.AddMinutes(_jwtConfig.AccessTokenExpiresMinutes),    //有效期
                signingCredentials               //Credentials
            );

            // 6. 将token变为string
            var token = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);

            return token;
        }
    }
}